InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
New Cooperative & Crystal Valley Cooperative
https://www.scmagazine.com/analysis/ransomware/food-and-agriculture-industry-needs-more-threat-intel-as-ransomware-attacks-crop-up/Exploit: Ransomware
New Cooperative & Crystal Valley Cooperative: Agricultural Services
Risk to Business: 1.337 = Extreme
Twin breaches in agriculture have the potential to cause significant disruptions in the US food supply chain. Iowa-based farm service provider New Cooperative was the first ag company hit with a ransomware attack early last week, causing the company to shut down its IT systems. As part of its announcement, the company stated that there would be “public disruption” to the grain, pork and chicken supply chain if its operations are not restored quickly. New ransomware group BlackMatter claimed responsibility, releasing proof on their dark web leak site, saying that they have 1,000GB of data. BlackMatter is demanding a $5.9 million ransom. Minnesota-based farm supply and grain marketing cooperative Crystal Valley was the next hit by a ransomware attack a few days later. The company announced that all of its corporate IT systems were shut down and they were unable to process credit card payments. It also noted that this is a very bad time for cyberattacks in the industry as it is harvest season. No group has yet claimed responsibility for this incident.
Customers Impacted: Unknown
How It Could Affect Your Business: As we learned throughout the pandemic, cybercriminals are aware of when it’s the worst possible time for them to strike and they’ll use that as leverage in their attacks.
Simon Eye & US Vision
https://www.govinfosecurity.com/hacking-incidents-lead-to-2-big-eye-care-provider-breaches-a-17587Exploit: Hacking
Simon Eye & US Vision: Optometry Clinic Operators
Risk to Business: 1.606=Severe
A pair of breaches in the optometry world by Simon Eye and US Vision has exposed the personal and health information of tens of thousands of US patients. Delaware-based Simon Eye Management, a chain of clinics that provide eye exams, eyeglasses and surgical evaluations, reported a hacking incident to the US Department of Health and Human Services (HHS) affecting more than 144,000 individuals. This incident also included an aborted business email compromise attempt. In their HIPAA filing, the breach involved an unauthorized third party accessing certain employee email accounts in May 2021 as cybercriminals attempted to pull off wire transfer and invoice manipulation attacks against the company. New Jersey-based USV Optical Inc., a division of US Vision, has also reported a breach to HHS caused by hacking. The company says the incident involved unauthorized access to certain servers and systems between April 20 and May 17, 2021.
Individual Risk: 1.667= Severe
A total of 320,000 US residents may be impacted by these breach incidents. Simon Eye’s disclosure detailed patient information that had potentially been compromised by the incident including patient names, medical histories, treatment or diagnosis information, health information, health insurance information and some Social Security numbers, date of birth and/or financial account information. US Vision disclosed that patient Information potentially compromised in the incident includes patient names, addresses, date of birth and eye care insurance information.
How It Could Affect Your Business: When companies fail to keep highly sensitive data like this safe, they take a direct hit to the wallet since it costs them a fortune in HIPAA fines once regulators get finished with them.
Marcus & Millichap
https://searchsecurity.techtarget.com/news/252507058/Marcus-Millichap-hit-with-possible-BlackMatter-ransomwareExploit: Ransomware
Marcus & Millichap: Real Estate Firm
Risk to Business: 1.636 = Severe
Real estate giant Marcus & Millichap has suffered a ransomware attack. Suspected to be the work of the BlackMatter ransomware gang, the firm disclosed in an SEC filing that it had seen no evidence of a data breach, although Black Matter did post some authentic-looking sample files with its ransomware demand on its dark web leak site. The incident is under investigation. (The second breach in this pair is in the South America section.)
Customers Impacted: Unknown
How It Could Affect Your Business: Booming dark web data markets mean that cybercriminals are hungry for all kinds of data, especially customer records and financial information.
Colombia – Coninsa Ramon H
https://thehackernews.com/2021/09/colombian-real-estate-agency-leak.htmlExploit: Misconfiguration
Coninsa Ramon H: Real Estate Firm
Risk to Business: 1.713 = Severe
A database owned by Colombian real estate firm Coninsa Ramon H has leaked data. More than one terabyte of data containing 5.5 million files was left exposed, leaking the personal information of over 100,000 customers of a Colombian real estate firm data exposure is the result of a misconfigured Amazon Web Services (AWS) Simple Storage Service (S3) bucket.
Individual Risk: 1.605 = Severe
The data in the exposed bucket includes internal documents like invoices, proof of income documents, quotes and account statements dating between 2014 and 2021. The customer PII leaked may include names, phone numbers, email addresses, residential addresses, amounts paid for estates and asset values. The bucket may also contain a database backup that includes additional information such as profile pictures, usernames and hashed passwords.
How It Could Affect Your Business: exposed databases are a cybersecurity incident that companies don’t need to face if everyone is on the same page about the importance of security.
Italy – Covisian
https://www.inforisktoday.com/ransomware-attack-reportedly-cripples-european-call-center-a-17619
Exploit: RansomwareCovisian: Call Center Operator
Risk to Business: 1.661=Severe
GSS, the Spanish language division of call center giant Covisian, has informed customers that it has been subjected to a ransomware attack. The attack locked down the company’s IT systems, crippling its Spanish-language call centers. Customer service for organizations including Vodafone Spain, the Masmovil ISP, Madrid’s water supply company, television stations and many private businesses was impacted. (The second in this pair of breaches is in the Middle East section)
How it Could Affect Your Business: This is a good illustration of today’s third-party/supply perils. One ransomware attack on a company like this can ripple out to impact many businesses.
Israel – Voicecenter
Exploit: RansomwareVoicecenter: Call Center Operator
Risk to Business: 1.699 = Severe
A ransomware attack against the Israeli call center service company Voicenter earlier this week is suspected to be the work of the Deus ransomware outfit who has claimed responsibility for the hack. The gang Deus claimed it would release 15 TB of data concerning 8,000 companies that work with Voicenter including Mobileye, Partner, Gett and My Heritage, among others. The data that the attackers have posted on their dark web leak site includes samples of security camera and webcam footage, ID card information, photos, WhatsApp messages, emails and recordings of phone calls. Interestingly, Deus also provided a photo of its ransom message with a demand for 15 bitcoin within 12 hours of the notification on September 19, with 10 bitcoin added every 12 hours after that deadline. After a brief disruption in services, most Voicenter functions have been restored.
How it Could Affect Your Business: service providers are goldmines for cybercriminals because they provide a wealth of data that can be used and sold for high profit.
Austin Cancer Centers
Exploit: RansomwareAustin Cancer Centers: Specialty Medical Clinic System
Risk to Business: 1.623 = Severe
Austin (Texas) Cancer Centers are notifying 36,503 patients of a data breach that forced it to shut down its IT networks. The cancer treatment network, which has eight locations, discovered that hackers had deployed ransomware onto its systems. Cybersecurity experts determined that hackers had made the intrusion and remained invisible since late July 2021.
Individual Risk: 1.702 = Severe
Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.
How It Could Affect Your Business: Data from medical centers is always a valuable commodity for cybercriminals because it can provide PII, financial information and other profitable tidbits.
TTEC
https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/Exploit: Ransomware
TTEC: Customer Support Provider
Risk to Business: 2.636 = Moderate
TTEC, a growing customer support provider, has been hit with a suspected Ragnar Locker ransomware attack. The company handles customer support calls on behalf of an array of major companies including Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon. Around September 12, company data was encrypted and business activities at several facilities were temporarily disrupted. The incident is under investigation.
How It Could Affect Your Business: Ransomware is always a disaster. Ragnar Locker operators recently threatened additional repercussions to companies that contact law enforcement officials after a successful attack.
Walgreen’s
https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerabilityExploit: Misconfiguration
Walgreen’s: Drugstore Chain
Risk to Business: 1.336=Extreme
Vox reports that the personal data of patients that had a COVID-19 test at Walgreens was stored incorrectly and exposed to anyone who cared to view it. The data exposure potentially affects millions of people who used Walgreens’ COVID-19 testing services over the course of the pandemic. The exposure came to light after a security expert checked for test results for a family member and noticed the issue. discovered the issues in March after a family member got a COVID-19 test. The vulnerability has been around since at least March 2021 when the expert discovered it, but likely longer
Individual Risk: 1.217=Extreme
Patient personal data exposed include each patient’s name, date of birth, gender identity, phone number, address and email. In some cases, test results are also available.
How It Could Affect Your Business: When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause. It’s also going to cost them a fortune in penalties once regulators get finished with them.
Epik
https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/Exploit: Hacking
Epik: Webhosting
Risk to Business: 1.227 = Extreme
Legendary hacktivist group Anonymous has struck again, this time claiming to have snatched gigabytes of data from Epik, a domain name, hosting, and DNS service provider for a variety of right-wing sites including Texas GOP, Gab, Parler and 8chan including extremist groups. The hacktivist collective announced in a press release that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.” It has been released as a torrent. Members of the whistleblower site, Distributed Denial of Secrets (DDoSecrets), have also made the data set available via alternate means. The Ars Technica story on the incident, linked above, is absolutely worth reading and includes the press release as well as other actions by Anonymous in the same vein. The group perpetrated this hack as part of its Operation Jane campaign.
Individual Risk: 1.305 = Extreme
It is unclear to what extent this hack exposed personal information for owners of sites hosted by Epik or other personal or financial data. However, reports from experts who have viewed the data say that it is highly likely that Epik customers and users should expect that their data has been stolen.
How It Could Affect Your Business: Experts who have seen the stolen data contend that Epik was negligent in its storage of PII and passwords, making the hack easier for Anonymous.
Microsoft
https://www.bleepingcomputer.com/news/security/eventbuilder-misconfiguration-exposes-microsoft-event-registrant-data/Exploit: Misconfiguration
Microsoft: Software Developer
Risk to Business: 2.801 = Moderate
The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.
Individual Risk: 2.727 = Moderate
Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.
How it Could Affect Your Business: Human error is still the biggest cause of a data breach and this is one mistake goes to show that applies to every business – even the big dogs can fumble once in a while.
France – CMA CGM
https://splash247.com/cma-cgm-hit-by-another-cyber-attack/
Exploit: RansomwareCMA CGM: Maritime Freight Carrier
Risk to Business: 2.819 = Moderate
French container shipping giant CMA CGM has been hit by another cyber-attack. The company was breached about a year ago as well. A spate of attacks against maritime shipping companies has led to breaches at all four of the major players – Maersk, MSC, Cosco and CMA CGM – in the last 12 months. CMA CGM said its IT teams have immediately developed and installed security patches.
Individual Risk: 2.878 = Moderate
The company revealed that customer data had been stolen in this attack including regular customers’ first and last names, employer, position, email addresses and phone numbers.
How it Could Affect Your Business: By land, sea or air, shipping companies have been favored targets of cybercriminals since the start of the pandemic.
Japan – Olympus
https://portswigger.net/daily-swig/olympus-insists-medical-services-uninterrupted-by-malware-attack
Exploit: MalwareOlympus: Medical Technology Developer
Risk to Business: 1.802 = Severe
Japanese medical tech behemoth Olympus has disclosed a cyber-attack that prompted the shutdown of certain IT systems last week. The company announced that it had been hit with “an attempted malware attack affecting parts of our sales and manufacturing networks in EMEA (Europe, Middle East, and Africa).”
Customers Impacted: Unknown
How it Could Affect Your Business: Malware attacks like this are becoming increasingly more common as cybercriminals look at encryption over theft as a quick way to mount a successful attack and score a payday.
Austin Cancer Centers
Exploit: RansomwareAustin Cancer Centers: Specialty Medical Clinic System
Risk to Business: 1.623 = Severe
Austin (Texas) Cancer Centers are notifying 36,503 patients of a data breach that forced it to shut down its IT networks. The cancer treatment network, which has eight locations, discovered that hackers had deployed ransomware onto its systems. Cybersecurity experts determined that hackers had made the intrusion and remained invisible since late July 2021.
Individual Risk: 1.702 = Severe
Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.
How It Could Affect Your Business: Data from medical centers is always a valuable commodity for cybercriminals because it can provide PII, financial information and other profitable tidbits.
TTEC
https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/Exploit: Ransomware
TTEC: Customer Support Provider
Risk to Business: 2.636 = Moderate
TTEC, a growing customer support provider, has been hit with a suspected Ragnar Locker ransomware attack. The company handles customer support calls on behalf of an array of major companies including Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon. Around September 12, company data was encrypted and business activities at several facilities were temporarily disrupted. The incident is under investigation.
How It Could Affect Your Business: Ransomware is always a disaster. Ragnar Locker operators recently threatened additional repercussions to companies that contact law enforcement officials after a successful attack.
Walgreen’s
https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerabilityExploit: Misconfiguration
Walgreen’s: Drugstore Chain
Risk to Business: 1.336=Extreme
Vox reports that the personal data of patients that had a COVID-19 test at Walgreens was stored incorrectly and exposed to anyone who cared to view it. The data exposure potentially affects millions of people who used Walgreens’ COVID-19 testing services over the course of the pandemic. The exposure came to light after a security expert checked for test results for a family member and noticed the issue. discovered the issues in March after a family member got a COVID-19 test. The vulnerability has been around since at least March 2021 when the expert discovered it, but likely longer
Individual Risk: 1.217=Extreme
Patient personal data exposed include each patient’s name, date of birth, gender identity, phone number, address and email. In some cases, test results are also available.
How It Could Affect Your Business: When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause. It’s also going to cost them a fortune in penalties once regulators get finished with them.
Epik
https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/Exploit: Hacking
Epik: Webhosting
Risk to Business: 1.227 = Extreme
Legendary hacktivist group Anonymous has struck again, this time claiming to have snatched gigabytes of data from Epik, a domain name, hosting, and DNS service provider for a variety of right-wing sites including Texas GOP, Gab, Parler and 8chan including extremist groups. The hacktivist collective announced in a press release that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.” It has been released as a torrent. Members of the whistleblower site, Distributed Denial of Secrets (DDoSecrets), have also made the data set available via alternate means. The Ars Technica story on the incident, linked above, is absolutely worth reading and includes the press release as well as other actions by Anonymous in the same vein. The group perpetrated this hack as part of its Operation Jane campaign.
Individual Risk: 1.305 = Extreme
It is unclear to what extent this hack exposed personal information for owners of sites hosted by Epik or other personal or financial data. However, reports from experts who have viewed the data say that it is highly likely that Epik customers and users should expect that their data has been stolen.
How It Could Affect Your Business: Experts who have seen the stolen data contend that Epik was negligent in its storage of PII and passwords, making the hack easier for Anonymous.
Microsoft
https://www.bleepingcomputer.com/news/security/eventbuilder-misconfiguration-exposes-microsoft-event-registrant-data/Exploit: Misconfiguration
Microsoft: Software Developer
Risk to Business: 2.801 = Moderate
The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.
Individual Risk: 2.727 = Moderate
Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.
How it Could Affect Your Business: Human error is still the biggest cause of a data breach and this is one mistake goes to show that applies to every business – even the big dogs can fumble once in a while.
France – CMA CGM
https://splash247.com/cma-cgm-hit-by-another-cyber-attack/
Exploit: RansomwareCMA CGM: Maritime Freight Carrier
Risk to Business: 2.819 = Moderate
French container shipping giant CMA CGM has been hit by another cyber-attack. The company was breached about a year ago as well. A spate of attacks against maritime shipping companies has led to breaches at all four of the major players – Maersk, MSC, Cosco and CMA CGM – in the last 12 months. CMA CGM said its IT teams have immediately developed and installed security patches.
Individual Risk: 2.878 = Moderate
The company revealed that customer data had been stolen in this attack including regular customers’ first and last names, employer, position, email addresses and phone numbers.
How it Could Affect Your Business: By land, sea or air, shipping companies have been favored targets of cybercriminals since the start of the pandemic.
Japan – Olympus
https://portswigger.net/daily-swig/olympus-insists-medical-services-uninterrupted-by-malware-attack
Exploit: MalwareOlympus: Medical Technology Developer
Risk to Business: 1.802 = Severe
Japanese medical tech behemoth Olympus has disclosed a cyber-attack that prompted the shutdown of certain IT systems last week. The company announced that it had been hit with “an attempted malware attack affecting parts of our sales and manufacturing networks in EMEA (Europe, Middle East, and Africa).”
Customers Impacted: Unknown
How it Could Affect Your Business: Malware attacks like this are becoming increasingly more common as cybercriminals look at encryption over theft as a quick way to mount a successful attack and score a payday.
United Nations
https://www.infosecurity-magazine.com/news/hackers-steal-data-from-united/
Exploit: Credential CompromiseUnited Nations: Global Intergovernmental Organization
Risk to Business: 1.623 = Severe
Hackers have broken into the computer network of the United Nations and made off with data. The unidentified cybercriminals responsible for the hit appear to have gained access using employee login credentials stolen from a UN employee. Reports say that the bad actors logged into the employee’s Umoja account, the enterprise resource planning system implemented by the UN in 2015. This intrusion took place over an extended period of time. Investigators determined that the UN’s systems were first accessed by hackers on April 5, 2021, and that network intrusions continued to take place until August 7.
Customers Impacted: Unknown
How It Could Affect Your Business: This is a big target that regularly handles and sensitive data. The fact that it took several months to detect an intrusion is worrying.
Texas Right to Life
https://techcrunch.com/2021/09/07/texas-right-to-life-website-exposed-job-applicants-resumes/
Exploit: MisconfigurationDuPage Medical Group: Healthcare Practice
Risk to Business: 2.636 = Moderate
Anti-choice political action group Texas Right to Life is in hot water after it exposed the personal information of hundreds of job applicants on its website. Investigators have blamed a configuration error that allowed anyone to access all applicants’ resumes, which were stored in an unprotected directory. No additional information appears to have been exposed.
Individual Risk: 2.712 = Moderate
Job applicants had names, phone numbers, addresses and details of their employment history exposed, as the data included complete resumes for approximately 300 people..
How It Could Affect Your Business: Sloppy setups are responsible for too any data breaches. Establishing a strong cybersecurity culture combats this problem.
Dotty’s
https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-informationExploit: Ransomware
Dotty’s: Fast Food Restaurant and Gambling Parlor Chain
Risk to Business: 1.673=Severe
Dotty’s, a fast food chain that offers gambling services across 175 locations, has experienced a cyberattack that severely impacted operations. The chain, owned and operated by Nevada Restaurant Services, announced that malware was discovered on some computer systems that allowed cybercriminals to access and copy customer data including some highly sensitive material.
Individual Risk: 1.673=Severe
The data snatched includes customer names, dates of birth, Social Security numbers, driver’s license or state ID numbers, passport numbers, financial account and/or routing numbers, health insurance information, treatment information, biometric data, medical records, taxpayer identification numbers, and credit card numbers and/or expiration dates. Impacted customers are being informed by mail.
How It Could Affect Your Business: Whe a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause.
United Kingdom – McDonald’s
https://www.bleepingcomputer.com/news/security/mcdonalds-leaks-password-for-monopoly-vip-database-to-winners/Exploit: Misconfiguration
McDonald’s: Fast Food Chain
Risk to Business: 1.917 = Severe
The popular “Monopoly” game is back at McDonald’s in the UK, and winners received a surprise when the login names and passwords for the game’s database were made available to all winners. A Misconfiguration caused automated emails that went out to prize winners to contain the relevant usernames and passwords for both the production and staging database servers, allowing anyone to access the information. The missent information also included sensitive back-end info like hostnames for Azure SQL databases.
Customers Impacted: Unknown
How It Could Affect Your Business: Human error will always be the biggest enemy of cybersecurity. Ensure that mistakes like this don’t happen by making sure everone knows that they’re responsible for security and not just the IT team.
Israel – City4U
https://www.jpost.com/israel-news/hacker-claims-to-have-stolen-information-of-7-million-israelis-678905Exploit: Hacking
City4U: Municipal Services Platform
Risk to Business: 1.721 = Severe
Cybercriminals are claiming to have committed an audacious hack that scored them the personal information of around seven million Israelis, approximately 80% of Israel’s population, by hacking into City4U. The website is used by municipalities to allow residents to conduct business like paying utility bills, taxes and fines. The hackers made the claim through a telegram posting, providing samples of the stolen data as proof that included photos of identity cards and financial data.
How it Could Affect Your Business: Human error is still the biggest cause of a data breach and this is one mistake that’s going to cost a fortune by the time GDPR penalties are calculated.
France – France-Visas
https://www.connexionfrance.com/French-news/Personal-details-of-8-700-French-visa-applicants-exposed-by-hackersExploit: Hacking
France-Visas: Government Services Platform
Risk to Business: 1.919 = Severe
A cyber-attack has compromised the data of around 8,700 people applying for visas to visit or move to France via the official government-run France-Visas website. No details of the nationalities affected or other information about the applicants that had information exposed was released, but French officials say that they have been contacted by mail.
Individual Risk: 1.778 = Severe
Applicant PII including names, passport and identity card numbers, nationalities and birth dates was snatched by the hackers. No financial information was exposed. Officials noted a low potential for misuse because of strict GDPR compliance procedures.
Customers Impacted: 8,700
How it Could Affect Your Business: Huge data hauls like this are goldmines for cybercriminals, who can make plenty of cash by selling 2020’s number one desirable resource on the dark web: personal data.
Singapore – MyRepublic
https://www.zdnet.com/article/myrepublic-customers-compromised-in-third-party-data-breach/Exploit: Third Party Breach
MyRepublic: Mobile Carrier
Risk to Business: 1.802 = Severe
Mobile Carrier MyRepublic has announced that 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform. The company disclosed that the incident was uncovered on August 29 and the relevant authorities had been informed of the breach, including industry regulator Infocomm Media Development Authority (IMDA) and the country’s Personal Data Protection Commission, which oversees Singapore’s Personal Data Protection Act (PDPA).
Individual Risk: 1.802 = Severe
Cybercriminals were able to access customer records containing PII like the identity verification documents that customers had provided for mobile services registration, including scanned copies of national identity cards and residential addresses of foreign residents.
How it Could Affect Your Business: Third party risk is escalating as business operations become less centralized and more businesses rely on specialty services providers for day-to-day chores.
South Africa – Department of Justice and Constitutional Development
Exploit: RansomwareDepartment of Justice and Constitutional Development: Government Agency
Risk to Business: 1.802 = Severe
A ransomware attack struck the Department of Justice and Constitutional Development of South Africa. According to a department statement, many departments have been impacted, including the issuing of letters of authority, bail services, departmental email and the departmental website. Some services are available through old-fashioned pen and paper and child support payments won’t be delayed. The department announced that its team is working to restore operations. The incident is under investigation, and no word was available at press time on who was responsible for the attack.
How it Could Affect Your Business: Ransomware doesn’t always go after data. Sometimes cybercriminals want to hold the whole business to ransom, impeding operations and notching up embarrassment.
United Nations
https://www.infosecurity-magazine.com/news/hackers-steal-data-from-united/
Exploit: Credential CompromiseUnited Nations: Global Intergovernmental Organization
Risk to Business: 1.623 = Severe
Hackers have broken into the computer network of the United Nations and made off with data. The unidentified cybercriminals responsible for the hit appear to have gained access using employee login credentials stolen from a UN employee. Reports say that the bad actors logged into the employee’s Umoja account, the enterprise resource planning system implemented by the UN in 2015. This intrusion took place over an extended period of time. Investigators determined that the UN’s systems were first accessed by hackers on April 5, 2021, and that network intrusions continued to take place until August 7.
Customers Impacted: Unknown
How It Could Affect Your Business: This is a big target that regularly handles and sensitive data. The fact that it took several months to detect an intrusion is worrying.
Texas Right to Life
https://techcrunch.com/2021/09/07/texas-right-to-life-website-exposed-job-applicants-resumes/
Exploit: MisconfigurationDuPage Medical Group: Healthcare Practice
Risk to Business: 2.636 = Moderate
Anti-choice political action group Texas Right to Life is in hot water after it exposed the personal information of hundreds of job applicants on its website. Investigators have blamed a configuration error that allowed anyone to access all applicants’ resumes, which were stored in an unprotected directory. No additional information appears to have been exposed.
Individual Risk: 2.712 = Moderate
Job applicants had names, phone numbers, addresses and details of their employment history exposed, as the data included complete resumes for approximately 300 people..
How It Could Affect Your Business: Sloppy setups are responsible for too any data breaches. Establishing a strong cybersecurity culture combats this problem.
Dotty’s
https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-informationExploit: Ransomware
Dotty’s: Fast Food Restaurant and Gambling Parlor Chain
Risk to Business: 1.673=Severe
Dotty’s, a fast food chain that offers gambling services across 175 locations, has experienced a cyberattack that severely impacted operations. The chain, owned and operated by Nevada Restaurant Services, announced that malware was discovered on some computer systems that allowed cybercriminals to access and copy customer data including some highly sensitive material.
Individual Risk: 1.673=Severe
The data snatched includes customer names, dates of birth, Social Security numbers, driver’s license or state ID numbers, passport numbers, financial account and/or routing numbers, health insurance information, treatment information, biometric data, medical records, taxpayer identification numbers, and credit card numbers and/or expiration dates. Impacted customers are being informed by mail.
How It Could Affect Your Business: Whe a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause.
United Kingdom – McDonald’s
https://www.bleepingcomputer.com/news/security/mcdonalds-leaks-password-for-monopoly-vip-database-to-winners/Exploit: Misconfiguration
McDonald’s: Fast Food Chain
Risk to Business: 1.917 = Severe
The popular “Monopoly” game is back at McDonald’s in the UK, and winners received a surprise when the login names and passwords for the game’s database were made available to all winners. A Misconfiguration caused automated emails that went out to prize winners to contain the relevant usernames and passwords for both the production and staging database servers, allowing anyone to access the information. The missent information also included sensitive back-end info like hostnames for Azure SQL databases.
Customers Impacted: Unknown
How It Could Affect Your Business: Human error will always be the biggest enemy of cybersecurity. Ensure that mistakes like this don’t happen by making sure everone knows that they’re responsible for security and not just the IT team.
Israel – City4U
https://www.jpost.com/israel-news/hacker-claims-to-have-stolen-information-of-7-million-israelis-678905Exploit: Hacking
City4U: Municipal Services Platform
Risk to Business: 1.721 = Severe
Cybercriminals are claiming to have committed an audacious hack that scored them the personal information of around seven million Israelis, approximately 80% of Israel’s population, by hacking into City4U. The website is used by municipalities to allow residents to conduct business like paying utility bills, taxes and fines. The hackers made the claim through a telegram posting, providing samples of the stolen data as proof that included photos of identity cards and financial data.
How it Could Affect Your Business: Human error is still the biggest cause of a data breach and this is one mistake that’s going to cost a fortune by the time GDPR penalties are calculated.
France – France-Visas
https://www.connexionfrance.com/French-news/Personal-details-of-8-700-French-visa-applicants-exposed-by-hackersExploit: Hacking
France-Visas: Government Services Platform
Risk to Business: 1.919 = Severe
A cyber-attack has compromised the data of around 8,700 people applying for visas to visit or move to France via the official government-run France-Visas website. No details of the nationalities affected or other information about the applicants that had information exposed was released, but French officials say that they have been contacted by mail.
Individual Risk: 1.778 = Severe
Applicant PII including names, passport and identity card numbers, nationalities and birth dates was snatched by the hackers. No financial information was exposed. Officials noted a low potential for misuse because of strict GDPR compliance procedures.
Customers Impacted: 8,700
How it Could Affect Your Business: Huge data hauls like this are goldmines for cybercriminals, who can make plenty of cash by selling 2020’s number one desirable resource on the dark web: personal data.
Singapore – MyRepublic
https://www.zdnet.com/article/myrepublic-customers-compromised-in-third-party-data-breach/Exploit: Third Party Breach
MyRepublic: Mobile Carrier
Risk to Business: 1.802 = Severe
Mobile Carrier MyRepublic has announced that 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform. The company disclosed that the incident was uncovered on August 29 and the relevant authorities had been informed of the breach, including industry regulator Infocomm Media Development Authority (IMDA) and the country’s Personal Data Protection Commission, which oversees Singapore’s Personal Data Protection Act (PDPA).
Individual Risk: 1.802 = Severe
Cybercriminals were able to access customer records containing PII like the identity verification documents that customers had provided for mobile services registration, including scanned copies of national identity cards and residential addresses of foreign residents.
How it Could Affect Your Business: Third party risk is escalating as business operations become less centralized and more businesses rely on specialty services providers for day-to-day chores.
South Africa – Department of Justice and Constitutional Development
Exploit: RansomwareDepartment of Justice and Constitutional Development: Government Agency
Risk to Business: 1.802 = Severe
A ransomware attack struck the Department of Justice and Constitutional Development of South Africa. According to a department statement, many departments have been impacted, including the issuing of letters of authority, bail services, departmental email and the departmental website. Some services are available through old-fashioned pen and paper and child support payments won’t be delayed. The department announced that its team is working to restore operations. The incident is under investigation, and no word was available at press time on who was responsible for the attack.
How it Could Affect Your Business: Ransomware doesn’t always go after data. Sometimes cybercriminals want to hold the whole business to ransom, impeding operations and notching up embarrassment.